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DETAILED ACTION 



Response to Amendment 

1 . This is in response to request for reconsideration filed on January 21 , 2005. 
Original application contained Claims 1 -45. Remarks filed on January 21, 2005 have 
been entered and made of record. Therefore, pending Claims 1 - 45 are presented for 
further consideration and examination. 



Response to Arguments 

2. Applicant's arguments with respect to Claims 1 - 45 have been considered but 
are moot in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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3. Claims 1- 45 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Cunningham et al. (U.S. Patent number 6,219,786, hereafter "Cunningham") in view of 
Reshef et al. (U.S. Patent Number 6,321 ,337). 

4. Regarding Claim 1 , Cunningham discloses and 

a proxy server for receiving network service requests from a client and 
forwarding said requests pursuant to a tolerance protocol to a protected server, and 
responding to a client (Cunningham Column 5 line 39 - Column 6 line 20); 

an acceptance monitor for receiving from the protected server one or more 
responses to the client request and applying one or more acceptance tests thereto 
(Cunningham Column 6 lines 1 - 25). 

Cunningham discloses a third access (ballot) monitor for receiving the results 
from the acceptance monitors and validates the proxy server (firewall) along with 
acceptance monitors. Cunningham does not explicitly disclose that the third access 
monitor receiving from the acceptance monitor the results of the applied acceptance 
tests and determining a preferred response to the client request. However, Reshef 
discloses a security gateway (proxy) positioning between external environment and a 
trusted server that controls access through acceptance rules wherein the security 
gateway receives from the access monitor the results of the applied acceptance tests 
and determines a preferred response to the client request (Reshef Column 12 lines 19 - 
54). 
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5. Motivation to combine the invention of Reshef with Cunningham comes from the 
need for providing a valid response by collecting responses from a variety of 
acceptance monitors and analyzing the response, Cunningham provide a discussion on 
the need for multiple acceptance rules but silent on ballot monitor, see Cunningham 
Column 6 lines 33 - 48. It would be obvious to one of ordinary skill in the art to combine 
Reshef with Cunningham because a consolidated response is needed for the results 
provided by the acceptance monitors of Cunningham and because Reshef provides 
some details of how a valid response is determined with access-rules, access lists and 
other relevant information. 

6, Regarding Claim 2, Cunningham discloses and describes 

a proxy server for receiving network service requests from a client and 
forwarding said requests pursuant to a tolerance protocol to a protected server, and 
responding to a client (Cunningham Column 5 line 39 - Column 6 line 20); 

an acceptance monitor for receiving from the protected server one or more 
responses to the client request and applying one or more acceptance tests thereto 
(Cunningham Column 6 lines 1 -25); 

an intrusion sensor responsive to anomalies in operation of the network for 
detecting threats to the network (Cunningham Column 6 lines 21 - 56 and Column 8 
lines 10-48); and 

an adaptive reconfigurer for altering the tolerance protocol and reconfiguring a 
network forwarding scheme among the proxy server, acceptance monitor and ballot 
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monitor in response to a predetermined condition (Column 6 lines 1-48 and Column 8 
lines 26 - 53). 

Cunningham discloses a third access (ballot) monitor for receiving the results 
from the acceptance monitors and validates the proxy server (firewall) along with 
acceptance monitors. Cunningham does not explicitly disclose that the third access 
monitor receiving from the acceptance monitor the results of the applied acceptance 
tests and determining a preferred response to the client request. However, Reshef 
discloses a security gateway (proxy) positioning between external environment and a 
trusted server that controls access through acceptance rules wherein the security 
gateway receives from the access monitor the results of the applied acceptance tests 
and determines a preferred response to the client request (Reshef Column 12 lines 19 - 
54). 



7. Motivation to combine the invention of Reshef with Cunningham comes from the 
need for providing a valid response by collecting responses from a variety of 
acceptance monitors and analyzing the response, Cunningham provide a discussion on 
the need for multiple acceptance rules but silent on ballot monitor, see Cunningham 
Column 6 lines 33 - 48. It would be obvious to one of ordinary skill in the art to combine 
Reshef with Cunningham because a consolidated response is needed for the results 
provided by the acceptance monitors of Cunningham and because Reshef provides 
some details of how a valid response is determined with access-rules, access lists and 
other relevant information. 
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8. Regarding Claim 18, Cunningham discloses and describes 

receiving a network service request and forwarding the request pursuant to a 
tolerance protocol (Cunningham Column 7 lines 1 - 14); 

generating a response to the service request and forwarding the response 
(Cunningham Column 7 lines 1 - 14); 

applying one or more acceptance tests to the response and forwarding the test 
results (Cunningham Column 7 line 56 - Column 8 line 9); 

Cunningham discloses a third access (ballot) monitor for receiving the results 
from the acceptance monitors and validates the proxy server (firewall) along with 
acceptance monitors. Cunningham does not explicitly discloses polling the test results 
to determine a preferred response based upon the poll. However, Reshef discloses a 
security gateway (proxy) positioning between external environment and a trusted server 
that controls access through acceptance rules wherein the security gateway receives 
from the access monitor the results of the applied acceptance tests and forwards a 
preferred response to the client request (Reshef Column 12 lines 19 - 54). 

9. Motivation to combine the invention of Reshef with Cunningham comes from the 
need for providing a valid response by collecting responses from a variety of 
acceptance monitors and analyzing the response, Cunningham provide a discussion on 
the need for multiple acceptance rules but silent on ballot monitor, see Cunningham 
Column 6 lines 33 - 48. It would be obvious to one of ordinary skill in the art to combine 
Reshef with Cunningham because a consolidated response is needed for the results 
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provided by the acceptance monitors of Cunningham and because Reshef provides 
some details of how a valid response is determined with access-rules, access lists and 
other relevant information. 

10. Regarding Claim 19, Cunningham discloses and describes 

receiving a network service request and forwarding the request pursuant to a 

tolerance protocol (Cunningham Column 7 lines 1-14); 

generating a response to the service request and forwarding the response 

(Cunningham Column 7 lines 1 - 55); 

applying one or more acceptance tests to the response and forwarding the test 

results; 

detecting any anomalies in operation of the network (Cunningham Column 8 
lines 34 - 53); and 

revising the tolerance protocol and a network forwarding scheme in response to 
an anomaly in operation of the network (Cunningham Column 8 line 54 - Column 9 line 
13). 

Cunningham discloses a third access (polling) monitor for receiving the results 
from the acceptance monitors and validates the proxy server (firewall) along with 
acceptance monitors. Cunningham does not explicitly disclose that the third access 
monitor receiving from the acceptance monitor the results of the applied acceptance 
tests and determining a preferred response to the client request. However, Reshef 
discloses a security gateway (proxy) positioning between external environment and a 
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trusted server that controls access through acceptance rules wherein the security 
gateway receives from the access monitor the results of the applied acceptance tests 
and determines a preferred response to the client request (Reshef Column 12 lines 19 - 
54). 

1 1 . Motivation to combine the invention of Reshef with Cunningham comes from the 
need for providing a valid response by collecting responses from a variety of 
acceptance monitors and analyzing the response, Cunningham provide a discussion on 
the need for multiple acceptance rules but silent on ballot monitor, see Cunningham 
Column 6 lines 33 - 48. It would be obvious to one of ordinary skill in the art to combine 
Reshef with Cunningham because a consolidated response is needed for the results 
provided by the acceptance monitors of Cunningham and because Reshef provides 
some details of how a valid response is determined with access-rules, access lists and 
other relevant information. 

12. Claim 3 is rejected as applied above in rejecting claim 1. Furthermore, 
Cunningham and Reshef disclose and describe wherein said proxy server further 
forwards said requests to an acceptance monitor and a ballot monitor (Cunningham 
Column 7 lines 1 - 14 and Reshef Column 12 lines 19 - 54) . 

13. Claim 4 is rejected as applied above in rejecting claim 1. Furthermore, 
Cunningham and Reshef disclose and describe wherein said proxy server comprises 
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multiple independent proxy servers (Cunningham Column 6 lines 1 - 32; Column 8 lines 
26 - 53 and Reshef Column 7 lines 10 - 28). 

14. Claim 5 is rejected as applied above in rejecting claim 1 . Furthermore, 
Cunningham discloses and describes, wherein said acceptance monitor comprises 
multiple independent acceptance monitors (Cunningham Column 6 lines 1-32 and 
Column 8 lines 26 - 53). 

15. Claim 6 is rejected as applied above in rejecting claim 1 . Furthermore, 
Cunningham and Reshef disclose and describe, wherein said ballot monitor comprises 
multiple independent ballot monitors (Reshef Column 7 lines 10 - 28). 

16. Claim 9 is rejected as applied above in rejecting claim 1 . Furthermore, 
Cunningham and Reshef discloses and describes, wherein said proxy server forwards 
said requests to a protective server, the acceptance monitor and the ballot monitor 
(Cunningham Column 6 lines 1 - 32; Column 8 lines 26 - 53 and Reshef Column 7 
lines 10-28). 

17. Claim 10 is rejected as applied above in rejecting claim 1 . Furthermore, 
Cunningham discloses and describes, wherein said acceptance monitor applies one or 
more acceptance tests taken from the group of satisfaction of requirements test, 
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accounting test, reasonableness test or computer run time test (Cunningham Column 8 
26 -Column 9 line 18). 

18. Claim 11 is rejected as applied above in rejecting claim 1. Furthermore, Reshef 
discloses and describes, wherein said ballot monitor determines a preferred response 
using a process taken from the group of: simple majority voting, Byzantine agreement 
process, or adjudication process (Reshef Column 7 lines 10 - 28). 

19. Claims 12 and 21 are rejected as applied above in rejecting claims 1 and 18. 
Furthermore, Cunningham discloses and describes wherein said proxy server forwards 
said requests to multiple independent protected servers (Cunningham Column 5 lines - 
51; and Column 10 lines 21 -51). 

20. Claim 7 is rejected as applied above in rejecting claim 2. Furthermore, 
Cunningham discloses and describes wherein said intrusion sensor comprises a 
multiplicity of sensors monitoring predetermined operations of the network (Cunningham 
Column 6 lines 1 - 32; Column 8 lines 26 - 53). 

21. Claim 8 is rejected as applied above in rejecting claim 2. Furthermore, 
Cunningham and Reshef discloses and describes, wherein said adaptive reconfigurer 
reconfigures the network forwarding scheme to establish parallel forwarding among the 
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protected server, acceptance monitor, and ballot monitor (Cunningham Column 6 lines 
1 - 32; Column 8 lines 26 - 53 and Reshef Column 7 lines 10 - 28). 

22. Claim 15 is rejected as applied above in rejecting claim 2. Furthermore, 
Cunningham and Reshef discloses and describes, wherein at least one of said proxy 
server, acceptance monitor, ballot monitor, intrusion sensor and adaptive reconfigurer 
comprise a separate and independent processor (Cunningham Column 6 lines 1 - 32; 
Column 8 lines 26 - 53 and Reshef Column 7 lines 10-28 and Column 8 lines 15 - 
45). 

23. Claim 16 is rejected as applied above in rejecting claim 2. Furthermore, 
Cunningham and Reshef discloses and describes, wherein two or more of said proxy 
server, acceptance monitor, ballot monitor, intrusion sensor and adaptive reconfigurer 
operate on a single processor (Cunningham Column 6 lines 1 - 32; Column 8 lines 26 - 
53 and Reshef Column 7 lines 1 0 - 28 and Column 8 lines 1 5 - 45). 

24. Claim 17 is rejected as applied above in rejecting claim 2. Furthermore, 
Cunningham and Reshef disclose and describe, wherein the adaptive reconfigurer 
reconfigures the network forwarding scheme to establish multiple independent network 
forwarding paths (Cunningham Column 6 lines 1 - 32; Column 8 lines 26 - 53 and 
Reshef Column 7 lines 1 0 - 28 and Column 8 lines 1 5 - 45). 
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25. Claim 20 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes, wherein the step of receiving a network service 
request further comprises receiving a network service request at a proxy server 
(Cunningham Column 7 lines 1 - 14). 

26. Claim 22 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of receiving a network 
service request further comprises forwarding the request to multiple protected servers 
(Column 5 lines 8-51 and Column 10 lines 21 - 52). 

27. Claim 23 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of receiving a network 
service request further comprises forwarding the request on multiple independent paths 
(Column 6 lines 1 - 32 and Column 8 line 26 - Column 9 line 48). 

28. Claim 24 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of generating a response 
comprises generating a response at a protected server (Column 6 lines 1 - 32). 

29. Claim 25 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of generating a response and 
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forwarding the response comprises forwarding a response to an acceptance monitor 
(Column 6 lines 1- 32; Column 7 lines 15-25 and Column 8 lines 26 - 53). 

30. Claim 26 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of generating a response and 
forwarding a response comprises forwarding the response to multiple acceptance 
monitors (Column 6 lines 1 - 32 and Column 8 lines 26 - 53). 

31. Claims 27 and 32 are rejected as applied above in rejecting claim 18. 
Furthermore, Cunningham discloses and describes the step of generating a response 
and forwarding a response comprises forwarding the response on multiple independent 
paths (Column 6 lines 1 - 32 and Column 8 line 26 - Column 9 line 48). 

32. Claim 28 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes the step of applying one or more 
acceptance tests comprise applying one or more acceptance tests at an acceptance 
monitor (Column 8 line 26 - Column 9 line 18). 

33. Claim 29 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of applying one or more 
acceptance tests comprise applying independent acceptance tests to each response 
(Column 8 line 26 - Column 9 line 18). 
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34. Claim 30 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of applying one or more 
acceptance tests and forwarding the test results comprises forwarding the test results to 
a ballot monitor (Column 6 lines 1 - 32; Column 8 lines 26 - 53 and Reshef Column 7 
lines 10-28). 

35. Claim 31 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of applying one or more 
acceptance tests and forwarding the test results comprises forwarding the tests results 
to multiple ballot monitors (Column 6 lines 1 - 32; Column 8 lines 26 - 53 and Reshef 
Column 7 lines 10-28). 

36. Claim 33 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of polling the acceptance test 
results comprises polling the acceptance test results at a ballot monitor (Column 6 lines 
1 - 32 and Column 7 line 56 - Column 8 line 53). 

37. Claim 34 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of polling the acceptance test 
results comprises applying multiple polling routines (Column 6 lines 1 - 32 and Column 
7 line 56 - Column 8 line 53 and Reshef Column 7 lines 10 - 28). 
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38. Claim 35 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes wherein the step of polling the acceptance test 
results comprises applying multiple polling routines to the responses from each of a 
multiplicity of ballot monitors (Column 6 lines 1 - 32 and Column 7 line 56 - Column 8 
line 53 and Reshef Column 7 lines 10 - 28). 

39. Claim 36 is rejected as applied above in rejecting claim 18. Furthermore, 
Cunningham discloses and describes a method for reconfiguring communication among 
network components to minimize the impact of intrusive events (Fig. 1, 2, 6 7; Summary 
and Column 5 line 8 - Column 1 1 line 50), wherein at least one of the steps of receiving 
a network service request, generating a response to a service request, applying 

one or more acceptance tests, polling the acceptance test results and forwarding the 
preferred response to a client comprises utilizing a separate processor to enhance 
independence of operation and minimize the impact of intrusive events (Column 7 line 
56 - Column 8 line 53). 

40. Claim 37 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises forwarding on multiple independent paths 
(Column 6 lines 1 - 32 and Column 8 line 26 - Column 9 line 48). 
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41. Claim 38 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises forwarding to multiple independent 
acceptance monitors (Column 6 lines 1 - 32 and Column 8 lines 26 - 53). 

42. Claim 39 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises forwarding to multiple independent ballot 
monitors (Column 6 lines 1-32 and Column 8 lines 26 - 53 and Reshef Column 7 lines 
10-28). 

43. Claim 40 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises forwarding to multiple independent proxy 
servers (Column 6 lines 1 - 32 and Column 8 lines 26 - 53). 

44. Claim 41 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme further comprises comparing any detected anomalies 
with known anomalies to identify a predetermined intrusion tolerance protocol (Column 
6 lines 1 - 32 and Column 8 lines 26 - 53). 
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45. Claim 42 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises determining the acceptance monitors that 
will be used to support the selected tolerance protocol (Column 8 line 54 - Column 9 
line 48). 



46. Claim 43 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises determining the ballot monitors that will be 
used to support the selected tolerance protocol (Column 8 line 54 - Column 9 line 48). 



47. Claim 44 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and describes wherein the step of revising the tolerance protocol 
and network forwarding scheme comprises determining the proxy servers that will be 
used to implement the selected tolerance protocol (Column 8 line 54 - Column 9 line 
48). 



48. Claim 45 is rejected as applied above in rejecting claim 19. Furthermore, 
Cunningham discloses and wherein the step of revising the tolerance protocol and 
network forwarding scheme comprises prioritizing the network service requests (Column 
8 line 54 - Column 9 line 48 and Column 1 0 line 32 - Column 1 1 line 46). 
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49. Claim 13 is rejected as applied above in rejecting claim 12. Furthermore, 
Cunningham discloses and describes wherein said acceptance monitor receives 
responses from multiple independent protected servers and applies independent 
acceptance tests to each received responses (Cunningham Column 6 lines 1 - 32 and 
Column 8 lines 26 - 53). 

50. Claim 14 is rejected as applied above in rejecting claim 13. Furthermore, 
Cunningham discloses and describes wherein said ballot monitor receives responses 
from multiple acceptance monitors and determines a preferred response from the 
multiple responses received (Cunningham Column 6 lines 1 - 32 and Column 8 lines 26 
-53). 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 571- 
272-3866. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-232-3795. 
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Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR only. For more 
information about the PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). 



Pramila Parthasarathy 
April 07, 2005. 




